Main Page
Authentication PostProcessing SPI Sample :
ISAuthPostProcessSample
This file explains how to compile , deploy and
configure the Authentication Post Processing SPI Sample.
PRODUCT_DIR setting on different
Platforms:
Steps to compile the ISAuthPostProcessSample Sample
program on Solaris Sparc/x86, Linux
Follow the steps given below to compile the
sample
found under <PRODUCT_DIR>/samples/authentication/spi/postprocess .
Set the following environment variables. These
variables will be used to run the gmake command. You can also set these
variables in the Makefile. This Makefile is in
<PRODUCT_DIR>/samples/authentication/spi/postprocess.
- JAVA_HOME
Set this variable to your installation of JDK. The
JDK should be version 1.3.1_06 or higher.
- CLASSPATH
Set this variable to refer to am_services.jar which can
be found in the <PRODUCT_DIR>/lib directory. (Note: Include
jaas.jar in your classpath if you are using JDK version less than
JDK1.4)
- BASE_DIR
Set this variable to the directory where the Access
Manager is installed.
- BASE_CLASS_DIR
Set this variable to the directory where all the Sample
compiled classes are located.
- JAR_DIR
Set this variable to the directory where the JAR files of
the Sample compiled classes will be created.
Go to the
<PRODUCT_DIR>/samples/authentication/spi/postprocess directory
and run gmake.
Steps to "deploy" the ISAuthPostProcess Sample program
- Copy
ISAuthPostProcess.jar from JAR_DIR to <PRODUCT_DIR>/lib.
-
Update Web Container configuration file "server.xml"
to add ISAuthPostProcessSample.jar to the classpath. "server.xml" file
for
different web containers can be found at:
- WebServer - /<WS-home-dir>/https-<WS-instance-name>/config/
- AppServer - /<AS-home-dir>/domain/domain1/server1/config/
- For all other web containers consult their
documentation.
- WebServer -
/<WS-home-dir>/https-<WS-instance-name>/restart
- Application Server -
/<AS-install-dir>/<domains>/<domain
name>/<server instance>/bin/restartserv (eg.
/<AS-home-dir>/domains/domain1/server1/bin/restartserv)
For all other web containers consult their
documentation.
Steps to
configure Authentication Post Processing SPI:
The Authentication
PostProcessing Sample can be configured at the Organization,Service
or
Role level.
Configuring
ISAuthPostProcess Sample for Organization :
-
Log in to Access Manager console as amAdmin to http://<host>.<domain>:<port>/<Service-Deploy-URI>/UI/Login
- Select "Access Control" tab.
- Select the realm.
- Select "Authentication" tab.
- Click on "Advanced Properties" button.
- Add
"com.iplanet.am.samples.authentication.spi.postprocess.ISAuthPostProcessSample"
to "Authentication PostProcessing Class" attribute
- Click on "Save" to save the changes.
- Log out
- Enter URL
http://<host>.<domain>:<port>/<Service-Deploy-URI>/UI/Login(If
you choose
to
use an organization other than the default, please specify that in the
URL
using the 'org' parameter.)
- The postprocessing SPI will get executed on
successful authentication, failed authentication and on
Logout.
Configuring ISAuthPostProcess Sample for Service:
- Log in to Access Manager console as amAdmin to http://<host>.<domain>:<port>/<Service-Deploy-URI>/UI/Login
- Select "Access Control" tab.
- Select the realm.
- Select "Authentication" tab.
- Click "New" button under Configurations.
- Define configuration name.
- Click on the configuration name.
- Add
"com.iplanet.am.samples.authentication.spi.postprocess.ISAuthPostProcessSample"
to "Authentication PostProcessing Class" attribute.
- Use "Add" button to add modules to this
configuration.
- Click on "Save" to save the changes.
- Log out
- Enter URL
http://<host>.<domain>:<port>/<Service-Deploy-URI>/UI/Login?service=<configname>
(If you choose to use an organization other than the default, please
specify that in the URL using the "org" parameter.)
- The postprocessing SPI will get executed on
successful authentication,failed authentication and on Logout for the
service accessed.
Configuring
ISAuthPostProcess Sample for Role:
- Log in to Access Manager console as amAdmin
to http://<host>.<domain>:<port>/<Service-Deploy-URI>/UI/Login
- Select "Access Control" tab.
- Select the realm.
- Select "Subjects" Tab.
- Select "Roles" tab below the subjects tab
- Click "New".
- Enter the role name and click "create".
- Click on the role name in the "Role" table.
- Click on "Add" under "Services" and add a
"Authentication Configuration".
- Click "Next".
- Choose a configuration from the drop down and click
"Finish". If the role is configured to use a
configuration as defined in "Configuring ISAuthPostProcess
Sample for Service" above , then all role based
authentication would use "Authentication PostProcessing
Class" of that configuration.
- Invoke the URL http://<host>.<domain>:<port>/<Service-Deploy-URI>/UI/Login?role=<role
name>
On Windows2000
Steps to compile the ISAuthPostProcessSample program on
Windows2000
- Go to the
<install-root>\samples\authentication\spi\postprocess directory
and run make.
Steps to deploy the ISAuthPostProcessSample Sample program
- Copy ISAuthPostProcess.jar from JAR_DIR to
<install-root>\lib
- Update classpath with
ISAuthPostProcess.jar in the Web Container from which this
sample has to run.
- Restart Access Manager
("<install-root>\bin\amserver start).
Steps to configure Authentication Post Processing SPI:
This sample can be can be set in the Core Auth
Service for Organization and Authentication Configuration Service
for Role OR Service.
Refer to this in the "Solaris"
section in this document.
|